Overclock Quebec - Nouvelles et Rumeurshttps://overclockquebec.com/
Nouvelles et rumeurs provenant du webfrSat, 25 May 2019 13:56:26 GMTvBulletin60https://overclockquebec.com/images/BP-Black/misc/rss.pngOverclock Quebec - Nouvelles et Rumeurshttps://overclockquebec.com/
https://overclockquebec.com/threads/11895-Google-suspends-some-business-with-Huawei-after-Trump-blacklist?goto=newpost
Tue, 21 May 2019 15:34:42 GMTAlphabet Inc’s Google has suspended business with Huawei that requires the transfer of hardware, software and technical services except those...Alphabet Inc’s Google has suspended business with Huawei that requires the transfer of hardware, software and technical services except those publicly available via open source licensing, a source familiar with the matter told Reuters on Sunday, in a blow to the Chinese technology company that the U.S. government has sought to blacklist around the world.

Holders of current Huawei smartphones with Google apps, however, will continue to be able to use and download app updates provided by Google, a Google spokesperson said, confirming earlier reporting by Reuters.

“We are complying with the order and reviewing the implications,” the Google spokesperson said.

“For users of our services, Google Play and the security protections from Google Play Protect will continue to function on existing Huawei devices,” the spokesperson said, without giving further details.

Intel clarified that it's not recommending everyone to disable Hyper-Threading, but that some of its customers should consider the option depending on their security needs:

"Once these updates are applied, it may be appropriate for some customers to consider additional steps. This includes customers who cannot guarantee that trusted software is running on their system(s) and are using Simultaneous Multi-Threading (SMT). In these cases, customers should consider how they utilize SMT for their particular workload(s), guidance from their OS and VMM software providers, and the security threat model for their particular environment. Because these factors will vary considerably by customer, Intel is not recommending that Intel® HT be disabled, and it’s important to understand that doing so does not alone provide protection against MDS."

Google seems to be one of those select customers which considers the risk of keeping HT enabled just too big. The company has published on the Chromium site that HT will be disabled in Chrome OS version 74:

Intel unveiled yet another speculative execution side-channel flaw in its processors. The vulnerability affects most of the company’s processor SKUs, except the 8th and 9th generation chips, which Intel said includes hardware mitigations against this flaw.

Microarchitectural Data Sampling in Intel Chips
The Microarchitectural Data Sampling (MDS) issue is a speculative execution side-channel attack that may allow malicious actors to locally execute code in order to extract sensitive data that would otherwise by protected by Intel processors’ architectural mechanisms.

According to Intel, four CVEs were assigned to this flaw in Intel’s processors, including:

For instance, every time a processor would switch from one third-party app to another, from a Windows process to a third-party app, or even from less trusted Windows processes to more trusted ones, the buffers would have to be cleared or overwritten. Adding such a significant step in the processing software will most likely lead to a performance loss. How large or small, it remains to be seen, but chances are it could be on the significant side.

Intel Recommends Disabling Hyper Threading
The company admitted in its white paper that the software mitigations will have a significant effect on how HT works. The threads will need a higher level of isolation between each other, and they will not be able to run processes from different security domains anymore. Threads from different security domains will simply become idle (thus turning into wasted processing power).

It seems that with every other speculative execution attack, Intel’s Hyper Threading becomes either less secure or slower. Intel itself seems to be moving away from Hyper Threading lately on some of its best CPUs, even in the face of AMD competition with both higher number of cores and simultaneous multithreading (SMT) support at similar price points.

Intel has also been publicly reluctant to agree with the disabling of HT when others have called for it with the discovery of some previous CPU flaws, but in its paper, the company stated that disabling HT altogether may be warranted as protection against MDS attacks.

Despite all of these drawbacks, Intel did mention in the white paper that these software mitigations are highly recommended, despite the vulnerabilities being classified only low to medium severity.

Intel noted that future processors will have data sampling methods mitigated in hardware. Some of the company’s current chips could also enable similar mitigations, but only after a microcode update has been loaded. In other words, you’ll rely on your motherboard maker or laptop maker to deliver that update to you, before you can benefit from this mitigation.

Affected Processors
Virtually all of Intel’s chips starting with the Nehalem architecture (launched in 2008, 11 years ago) and newer, with the exception of the Whiskey Lake (ULT refresh), Whiskey Lake (desktop), as well as the Atom and Knights architectures, are affected by the MDS vulnerabilities.

What this tell us is not only that there are now multiple speculative execution attacks against Intel’s processors, or that there will be more to come until a Intel applies a more significant overhaul to its architecture, but that most of these chips will likely never be patched against this flaw and others like it. Motherboard and laptop OEMs tend to update only their most recent products, so the majority of systems sold in the past 11 years will likely remain vulnerable.

Those that do get the patches shouldn’t necessarily consider themselves that much luckier either, as the performance loss after the patches are applied could be significant. Those who buy the new Intel chips starting with Whiskey Lake refresh and later should see a much lower performance loss as well as the security protection from the built-in hardware mitigations, at least until a new speculative execution attack appears that can bypass the new mitigation appears.

Intel has provided more information about the MDS flaws, including about how to get the software patches, on its website.

]]>Nouvelles et RumeursChristTheGreathttps://overclockquebec.com/threads/11890-Intel-New-Spectre-Like-Flaw-Affects-Chips-Made-Since-2008https://overclockquebec.com/threads/11881-AMD-Ryzen-9-3800X-Ryzen-7-3700X-Ryzen-5-3600X-Spotted-in-Online-Stores?goto=newpost
Fri, 03 May 2019 12:43:41 GMTBefore we begin, please do take this info with a chunk of salt the size of an iceberg, and then read on. In a Vietnamese and Turkish webshop, some...Before we begin, please do take this info with a chunk of salt the size of an iceberg, and then read on. In a Vietnamese and Turkish webshop, some interesting names popped up, yes the AMD Ryzen 9 3800X, Ryzen 7 3700X, Ryzen 5 3600X. Prices and specs are listed, which is interesting but also, they look very similar to a leak from a while ago.

Here's the thing, two online retailers were listed in a TPU forum thread, they noticed that a Vietnam and Turkish shop are listing the AMD's 3000 series processors. The procs listed are the Ryzen 9 3800X, Ryzen 7 3700X, and Ryzen 5 3600X. It might be clickbait, it might be hype and virals, the specs, however, are impressive if they would be true.

Ryzen 9 3800X is being listed with 32 threads, so that is a 16-core processor with a 3.9 GHz base and up to 4.7 GHz Turbo. At 16 cores a 125 Watt would not suck TBH. The Turkish etailer then is listing an AMD Ryzen 7 3700X at 12 cores, 24 threads with a 4.2 GHz base and 5.0 GHz Boost clocks. The same Turkish website also is listing a Ryzen 5 3600X with 8 cores at a base clock of 4.0 GHz base and 4.8 Boost clock.

Now here's where the grain of salt the size of an iceberg comes into play, these specs 100% match an earlier leak from AdoredTV, read more on that here. At the time of writing such detail where too early to be correct, and since they frequencies match, these retailers might have just grabbed that info, insert it, in the hope they get extra traffic. On the other side of the scope, there is always a possibility this is real. Why do I say this? Check that box art, Ryzen 9 ? Did I inject enough disclaimers now?